CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-4991 – Joomla! Component NinjaMonials - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-4991
SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a display action to index.php. Vulnerabilidad de inyección SQL en el componente NinjaMonials (com_ninjamonials) de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro Itemid en una acción display de index.php. • https://www.exploit-db.com/exploits/14211 http://www.exploit-db.com/exploits/14211 http://www.securityfocus.com/bid/41345 https://exchange.xforce.ibmcloud.com/vulnerabilities/60094 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-4992 – Joomla! Component PaymentsPlus 2.1.5 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-4992
SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. Vulnerabilidad de inyección SQL en el componente Payments Plus 2.1.5 de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro type de add.html. • https://www.exploit-db.com/exploits/14265 http://packetstormsecurity.org/1007-exploits/joomlapaymentsplus-sql.txt http://securityreason.com/securityalert/8497 http://www.exploit-db.com/exploits/14265 http://www.securityfocus.com/bid/41458 https://exchange.xforce.ibmcloud.com/vulnerabilities/60166 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-4977 – Joomla! Component Canteen 1.0 - Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-4977
SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. Vulnerabilidad de inyección SQL en menu.php del componente Canteen (com_canteen) 1.0 de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro mealid de index.php. • https://www.exploit-db.com/exploits/34250 http://osvdb.org/66031 http://packetstormsecurity.org/1007-exploits/joomlacanteen-lfisql.txt http://secunia.com/advisories/40503 http://securityreason.com/securityalert/8495 http://www.salvatorefresta.net/files/adv/Canteen%20Joomla%20Component%201.0%20Multiple%20Remote%20Vulnerabilities-04072010.txt http://www.securityfocus.com/archive/1/512170/100/0/threaded http://www.securityfocus.com/bid/41358 https://exchange.xforce.ibmcloud.com/vulnerabilities/60103 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-4990 – Joomla! Component Address Book - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-4990
SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php. Vulnerabilidad de inyección SQL en el componente Front-edit Address Book (com_addressbook) de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro Itemid de una acción contact de index.php. • https://www.exploit-db.com/exploits/14210 http://www.exploit-db.com/exploits/14210 http://www.securityfocus.com/bid/41353 http://www.vupen.com/english/advisories/2010/1702 https://exchange.xforce.ibmcloud.com/vulnerabilities/60092 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2010-4975 – Joomla! Component Techjoomla SocialAds - Persistent Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-4975
SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the ads description field in a showad action to index.php. Vulnerabilidad de inyección SQL en el componente Techjoomla SocialAds For JomSocial (com_socialads) para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del campo de descripción "ads" en una acción showad al index.php. • https://www.exploit-db.com/exploits/14196 http://www.exploit-db.com/exploits/14196 http://www.securityfocus.com/bid/41354 https://exchange.xforce.ibmcloud.com/vulnerabilities/60067 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •